In order to keep security vulnerabilities from being reported via issues and PRs, it's advisable to enable vulnerability reporting through the Github repository settings.
https://docs.github.com/en/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configuring-private-vulnerability-reporting-for-a-repository
This will allow submissions of vulnerabilities and for the maintainers to issue advisories for vulnerabilities. For example: https://github.com/containerd/containerd/security
A security policy is also required and I'll create a PR to add something I think fits this project
In order to keep security vulnerabilities from being reported via issues and PRs, it's advisable to enable vulnerability reporting through the Github repository settings.
https://docs.github.com/en/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configuring-private-vulnerability-reporting-for-a-repository
This will allow submissions of vulnerabilities and for the maintainers to issue advisories for vulnerabilities. For example: https://github.com/containerd/containerd/security
A security policy is also required and I'll create a PR to add something I think fits this project